anti-money laundering and counter-terrorism financing policy and program · 2017-05-08 · 6. the...
TRANSCRIPT
MyState Limited
Anti-Money
Laundering and
Counter-Terrorism
Financing Policy and
Program
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 1
MyState Limited
Document Hierarchy
Title of document Anti-Money Laundering and Counter-
Terrorism Financing Policy and Program
Version 0.4
Category of document Lead Policy
Short description
This document outlines the Anti-Money
Laundering and Counter-Terrorism
Financing Program - Part A together with
reference to Part B for the MyState
Group.
Applicable to MyState Group
Approval Authority Board via GRC and RCC
Responsible Executive CRO
Document owner Head of Compliance and Principal Legal
Officer
Related documents:
Risk Management Strategy and
Framework
Compliance Management Framework
Customer Identification, Due Diligence
& Verification Procedure Fraud and Financial Crimes Procedures
Scoreline2 Risk Scoring - Terms of Use
and Instruction Guide
Recruitment and Selection Procedure
Fit and Proper Policy , Standard and
Procedure
Date Approved 20/04/2017
Next scheduled review date 2020
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 2
MyState Limited
Index
1. Purpose ...................................................................................................................... 3
2. Scope ......................................................................................................................... 3
3. Roles .......................................................................................................................... 4
4. Definitions .................................................................................................................. 7
5. Related regulations .................................................................................................... 8
6. The AML/CTF Program .............................................................................................. 8
7. Conducting a ML/TF Risk Assessment ...................................................................... 9
8. Approval and Oversight by the Board and Management ........................................... 10
9. Employee Due Diligence .......................................................................................... 11
10. AML/CTF Risk Assessment Training Program .......................................................... 12
11. AUSTRAC Feedback ................................................................................................ 16
12. Ongoing Customer Due Diligence ............................................................................ 16
13. AUSTRAC Reporting ................................................................................................ 18
14. Internal Communication ............................................................................................ 19
15. Record Keeping ........................................................................................................ 19
16. Review ..................................................................................................................... 19
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 3
MyState Limited
1. Purpose
MyState aims to prevent and detect money laundering or the financing of
terrorism in order to ensure that it complies with Australia’s anti-money
laundering and terrorist financing laws.
Pursuant to the Anti-Money Laundering and Counter Terrorism Financing Act
2006 (Cth), MyState must adopt and maintain a Standard Anti-Money
Laundering and Counter-Terrorism Financing Program.
The purpose of this document is to establish and describe MyState’s AML/CTF
Policy and Program which is designed to identify, mitigate and manage the
ML/TF risk arising from the provision of a designated service by MyState.
Elements of Part A also inform the risk-based approach that is applied in Part B
(customer identification).
2. Scope
This document applies to MyState Limited Group Companies and operating
Subsidiaries. This document must be read in conjunction with the related
documents and underlying frameworks that support the implementation of the
groups Risk Management Strategy and Framework.
Risk Appetite Statement
Privacy Policy
Fit and Proper Policy, standard and procedure
Recruitment and Selection procedure
Credit risk lending policy and standards
Operational Risk Framework and Process
Compliance Management Framework
Fraud detection and prevention framework
Customer Identification, Due Diligence & Verification Procedure Fraud and Financial Crime Procedure
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 4
MyState Limited
3. Roles All employees must be familiar with the requirements of this policy and program
and support the implementation of the same.
MYS’s overall approach to risk management is based on ‘the three lines of
defence’ model which supports the relationship between the individual business
units, the risk management and compliance functions, internal and external
audit and the Board.
The 1st line of defence
Individual business units are responsible for identifying, evaluating and
managing the risks that originate in their respective business lines within the
risk appetite statements and policies.
The 2nd line of defence
The risk management and compliance functions are responsible for providing
independent risk management expertise, monitoring and oversight.
The 3rd line of defence
Internal and external audit independently reviews and tests business unit
compliance with risk policies and procedures, and regularly assesses the
overall adequacy and effectiveness of the risk management framework.
MyState is committed to having an operationally effective corporate governance
structure in place with respect to this AML/CTF Policy and Program. The
following individuals and committees will have responsibilities under this
AML/CTF Policy and Program. The Three lines of defence structure translate to
the following roles and responsibilities in the Group.
Board
The Board will approve this policy and program and has ultimate responsibility
of AML/CTF compliance across the group, including but not limited to the below
review and approval of the AML/CTF Policy and Program
receive and consider AML/CTF reports
review reportable breaches of the AML/CTF Program – Part A and Part B
and actions
consider and approve AML/CTF recommendations by the Group Risk
Committee
the Board charges the Group Risk Committee (GRC) with the
responsibility of ensuring there are adequate resources, processes and
systems in place to enable this policy and Framework function as
intended
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 5
MyState Limited
Group Risk Committee
The Group Risk Committee is a Board Committee that is responsible for
overseeing all risks and risk related activities other than those undertaken by
the Board or other Board committees. The GRC is responsible for the
governance of the overall Risk Management Strategy and Framework Policy,
and in that capacity, is responsible for recommending the AML /CTF policy and
program. The Committee is also responsible for:
review and Recommend the AML/CTF Program and AML/CTF reports
and make recommendations to the Board;
receiving and reviewing reports from management concerning AML/CTF,
and may also make recommendations as to strategies, policies and
processes for AML/CTF;
review Feedback from AUSTRAC;
monitor MyState’s AML/CTF performance and compliance with the
AML/CTF Program Part A and Part B &
review breach reporting of the AML/CTF Program – Part A and Part B and
actions
Managing Director / CEO
The Managing Director/CEO will demonstrate and communicate a genuine
commitment to the risk management principles approved by the Board and will
ensure adequate funding is dedicated to the operation of the risk management
framework and as such, to AML/CTF Policy and Program.
assign responsibilities to ensure the effective management of the
identified ML/TF risks;
oversight of assurance that all parts of the organisation comply with the
AML/CTF Policy and Program; &
promote awareness of AML/CTF so that its cause and processes and
procedures that flow becomes embedded throughout the organisation
Risk and Credit Committee
The primary purpose of the RCC is to assist Management and the GRC
discharge its responsibility to exercise due care, diligence and skill to oversee,
direct and review the management of risk of the MyState Limited Group, which
includes:
review and recommend approval the AML/CTF Policy and Program –and
AML/CTF reports and make recommendations to the Group Risk
Committee;
review feedback from AUSTRAC;
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 6
MyState Limited
review and approve the AML/CTF Program – Part B;
monitor MyState’s AML/CTF performance and compliance with the
AML/CTF Program Part A and Part B:&
review breach reporting of the AML/CTF Program – Part A and Part B and
actions
Chief Risk Officer
The CRO reports to the MD and also has direct and unfettered access to the
Chairperson of the GRC. Whilst normal line management and in turn, all
employees retain responsibility for AML/CTF within MYS, the CRO provides an
alternative avenue for identification of associated risks.
The CRO is responsible for:
ensuring a risk management framework and its associated components
are appropriate for MYS’s activities;
establishing and maintaining the risk management monitoring and
reporting processes necessary to ensure compliance with the AML/CTF
Policy and Program;
establishing and reviewing the processes and procedures for
implementing the principles of the Risk Management Framework and its
components, of which AML/CTF is one;
promoting a risk awareness culture;
advising and assisting internal and external stakeholders with regards to
the risk management policy and framework and its components;
encouraging and promoting communication throughout the risk
management process; and
appoint the AML/CTF Compliance Officer
AML/CTF Compliance Officer
MyState designates the Head of Compliance & Principal Legal Officer to
supervise this AML/CTF Policy and Program. The Head of Compliance &
Principal Legal Officer reports in to the MyState CRO, and via the CRO has
access to the Group Risk Committee and the MyState Board. MyState has also
designated the Senior Manager Compliance as an alternate to the designated
AML/CTF Compliance Officer.
The AML/CTF Compliance Officer is appointed as the custodian of the
AML/CTF Policy and Program and is responsible for the following:
ensuring continued compliance with the requirements of the AML/CTF Act
and AML/CTF Rules (subject to the ongoing oversight of the reporting
entity's board, executive and senior management)
day-to-day oversight of the AML/CTF Program – Part A and Part B
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 7
MyState Limited
regular reporting, including reporting of non-compliance, to the Board,
board committees, executive and senior management as required
addressing any AUSTRAC feedback about the reporting entity's risk
management performance or AML/CTF Program Part A and Part B
acting as the AUSTRAC contact officer for matters such as reporting
suspicious matters, international funds transfer instructions and threshold
transactions, urgent reporting, compliance audits, or requests for
information or documents
Contributing to designing, implementing and maintaining internal
AML/CTF compliance manuals, policies, procedures and systems.
Provide a heightened awareness throughout the business of key
AML/CTF issues and AML/CTF techniques
Co-ordination of the institution-wide ML/TF Risk assessment
Executives
Members of the Executive will demonstrate and communicate genuine support
to the risk management principles and the AML/CTF policy and program by:
ensuring that the requirements of the AML/CTF Program – Part A and
Part B are incorporated where appropriate into divisional processes;
be accountable for delivering the outcome of AML/CTF processes and
procedures in their particular area of responsibility; And
supporting the AML/CTF Compliance Officer in the execution of the
responsibilities of the position
Staff
The role of all staff members is to manage AML and CTF risk in their area of
activity through adherence to delegated responsibilities and AML/CTF
processes and procedures and by bringing to the immediate attention of their
supervisor any factor identified that could place of MyState and its obligations
with respect to AML/CTF at risk.
4. Definitions
Please refer to Annexure 1 – Definitions
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 8
MyState Limited
5. Related regulations
Pursuant to the Anti-Money Laundering and Counter Terrorism Financing Act
2006 there are related regulations administered by AUSTRAC applicable to
MyState and are considered in relation this policy and program. This include
the following
AML/CTF Rules Instrument 2007 (No. 1)
AML/CTF (prescribed Foreign Countries) Regulation 2016
Financial Transaction Reports Act 1998
6. The AML/CTF Program
The AML /CTF program is comprised of two parts
Part A
Is designed to identify, manage and mitigate money laundering and
terrorism financing risk faced by MyState. This will include awareness
training, employee due diligence, appointment of an AML/CTF
Compliance Officer, Ongoing due diligence, reporting requirements to
AUSTRAC and review requirements of Part A.
Part A is contained in this document and is supported by the financial
crime monitoring procedures.
Part B
Outlines MyState’s customer identification procedures and requirements
regarding the ongoing monitoring of customer transaction. This is required
to satisfy MyState that an individual customer is who they claim to be, and
for non individual customers, beneficial ownership details are known. By
knowing it’s customers MyState is better able to identify and mitigate
ML/TF risks in the conduct of financial transactions, particularly where the
activity or transactions are unusual or uncharacteristic.
Part B is covered by MyState’s Customer Identification, Due diligence and
Verification Standards and Procedures and the Fraud and Financial Crime
Procedures.
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 9
MyState Limited
7. Conducting a ML/TF Risk Assessment
ML/TF risk is the risk that MyState or its products and services may be used to
facilitate money laundering or terrorism financing. MyState will use a set of
metrics that measures ML/TF risk (for example high, medium or low risk)
associated with providing each designated service. The following are
considered while determining the risk, the customer type (including any
customers who are politically exposed persons and their associates), type of
product /service provided to the customer, channel via which this service is
provided and the jurisdiction within which the customer operates.
The risk level determines the risk-based customer identification procedures to
be included in Part B of the AML/CTF program.
MyState will consider ML/TF Risk in the strategic development of new
Designated Services it may make available to Customers. This means that
prior to a new Designated Service being made available to MyState’s
Customers. The Designated Service will be screened against the RSM to
determine what level of ML/TF Risk it poses to MyState.
MyState will include an ML/TF risk assessment as a requirement for any new
designated service (product), delivery method or technology where the
characteristics of the proposed offering are not consistent with existing product
already in the market and previously risk assessed.
In order to appropriately identify MyState’s ML/TF Risk, MyState will conduct a
timely institution-wide ML/TF Risk assessment of MyState utilising the Risk
Scoring Model (RSM).
The institution-wide ML/TF Risk assessment of MyState will be used to
determine if there are any significant changes in MyState’s ML/TF Risk.
The Group Risk Committee via Risk and Credit Committee will review the
results of the assessment to determine if its risk-based systems and controls
set out in this AML/CTF Program Part A and Part B require amendment.
7.1. The Risk Scoring Model
The Risk Scoring Model (RSM) will contain the set of metrics that MyState will
use to measure its Customer relationships and transactions to determine the
level of ML/TF Risk they pose to MyState.
The risk scoring model allows identification, analysis and assessment or
qualification of ML/TF risk. It incorporates four risk categories (customer,
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 10
MyState Limited
product / service, channel and employee) that typically influence the degree to
which a money launderer or financier of terrorism might use MyState to launder
money or finance terrorism.
It adopts a risk-based approach to managing ML/TF risk. This allows the
identification of quantification of areas of greater risk and thereby matches
effort with risk by placing more emphasis on implementing controls in higher
risk areas. The results produce scores that can be used to interpret the
indicative inherent risk in products, customer or channels.
The AML/CTF Compliance Officer will review the risk scoring model used on a
regular basis to ensure it is fit for purpose. This model my internally developed
or procured from an external source.
8. Approval and Oversight by the Board and Management
8.1. Review and Approval
The AML/CTF Policy and Program – including Part A will be reviewed and
submitted for approval every three years by the Chief Risk Officer or Delegate.
The approval will be provided by the MyState Board via the Group Risk
Committee and the Risk and Credit Committee.
Earlier reviews may be required in the event of a change in underlying
regulations or a material change to the size, business mix and complexity of the
Group is identified.
8.2. Oversight
Reporting to Board, Executive and Senior Management will occur as required
and as appropriate to provide oversight. Examples of reporting include but are
not limited to the following;
Breach Reporting
Incident Reporting (related to ML/TF)
Assurance Testing and Internal Audit
Annual AML/CTF Compliance Reporting
AML/CTF Training Program Compliance
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 11
MyState Limited
9. Employee Due Diligence
MyState undertakes an employee due diligence program to reduce ML/TF Risk.
These incudes the following:
9.1 Pre-Employment Screening
All prospective Employees and Officers who are applying for a position within
MyState that may enable them to facilitate the commission of a Money
Laundering or Financing of Terrorism offence will be subject to a background
check in accordance with the MyState Limited - Recruitment and Selection
Procedure prior to their appointment to that position.
9.2 Annual Assessments
As identified in accordance with the Recruitment and Selection Procedure
and Fit & Proper Policy, employees and officers whose position within MyState
may enable them to facilitate the commission of a Money Laundering or
Financing of Terrorism offence will be subject to an annual review including
where appropriate additional background checks.
9.3 General Assessments
All Employees and Officers who are transferred or promoted to a position that
may enable them to facilitate the commission of a Money Laundering or
Financing of Terrorism offence will be subject to a background check in
accordance with the Recruitment and Selection Procedure and Fit & Proper
Policy.
9.4 Investigating Breaches
If an Officer or Employee believes that an Officer or Employee has failed to
comply with the AML/CTF Act and the Associated Legislation, any system,
control or procedure in this AML/CTF Program – Part A and/or Part B they must
notify to their supervisor, the AML/CTF Compliance Officer or Senior
Management.
If an Officer or Employee believes that the AML/CTF Compliance Officer has
failed to comply with the AML/CTF Act and the Associated Legislation, any
system, control or procedure in this AML/CTF Program – Part A and /or Part B
they must notify the CRO or a member of executive , or via the processes
documented in the Whistleblower Protection Policy.
Any person making such a report will be subject to MyState’s Whistleblower
Protection Policy process and procedures.
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 12
MyState Limited
The AML/CTF Compliance Officer will investigate any potential breaches of:
the AML/CTF Act and the Associated Legislation; or
this AML/CTF Policy and Program or
the AML/CTF Program Part B
by an Employee or Officer and will communicate regulatory breaches to the
Group Risk Committee via the Risk and Credit Committee. The AML/CTF
Compliance Officer will, if necessary, communicate their findings to AUSTRAC
and the relevant law enforcement agencies as appropriate.
9.5 Managing Breaches by Employees
MyState has a Recruitment and Selection Procedure, a Fit & Proper Policy and
a Code of Conduct to set out how MyState will manage an Officer or Employee
who has failed to comply with the AML/CTF Act and the Associated Legislation,
or any system, control or procedure in this AML/CTF Policy and Program.
10. AML/CTF Risk Assessment Training Program
It is a requirement of this Policy and Program that basic training will be
provided, or made available, to all Employees and Agents on:
the sources of ML/TF risk to MyState Group
the reporting entity's commitment to AML/CTF compliance
the reporting entity's AML/CTF Program Part A and Part B
the MyState Groups obligations under the AML/CTF Act and Rules and
the consequences of non-compliance
the nature and consequences of the ML/TF risks they may reasonably
face.
Compliance with the AML/CTF Training Program will be reported monthly to
Risk and Credit Committee.
10.1 Levels of Training
The training provided under the AML/CTF Training Program will be specific to
the work or responsibilities of each Officer, Employee and Agent. The
requirements for training, and the contents of this training, will be tailored to the
specific responsibility of different classes of Officers, Employees and Agents.
10.2 New Employees
New Employees are required to attend induction training regarding their role
and duties as an Employee, a component of which is training covered by the
AML/CTF Training Program.
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 13
MyState Limited
Verification that new Employees have completed MyState’s induction training
will be maintained by the Training Officer.
10.3 Current or Existing Employees
Current or existing Employees must undergo training covered by the AML/CTF
Training Program on an annual basis.
In addition those Employees who are in a position or who are transferred or
promoted to a position, which could enable them to facilitate the commission of
Money Laundering or the Financing of Terrorism will be subject to training that
has regard to the ML/TF Risk the relevant Employee poses to MyState.
10.4 Board
The Board will receive a general induction to all MyState policies including this
AML/CTF Policy and Program on commencement of duties. Further Training
will be provided as requested by the Board Member.
10.5 Senior Management
All members of Senior Management are required to attend training covered by
the AML/CTF Training Program. The Training Officer will arrange for this
training to be provided in a timely manner prior on a periodic basis throughout
the year.
Verification that members of Senior Management have completed training
covered by the AML/CTF Training Program will be maintained by the Training
Officer.
10.6 AML/CTF Compliance Officer
MyState will ensure that the AML/CTF Compliance Officer has the appropriate
training to satisfy the requirements of the role. The training for the AML/CTF
Compliance Officer must ensure that the person fulfilling the role:
stays abreast of any new legal and regulatory developments under the
AML/CTF Act and the Associated Legislation;
is able to determine the effect of any new legal and regulatory
developments under the AML/CTF Act and the Associated Legislation on
MyState, its Officers, Employees and Agents;
is able to recommend appropriate actions to the Group Risk Committee
via the Risk and Credit Committee regarding the effect of any new legal
and regulatory developments under the AML/CTF Act and the Associated
Legislation.
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 14
MyState Limited
10. 7 Internal Audit
The AML/CTF Compliance Officer will arrange for orientation and explanation
for the Internal Audit Function, which will enable the Internal Audit Function to
perform the testing and auditing of compliance with this AML/CTF Policy and
Program Part A and Part B.
10.8 Components of Training Program
Components of the AML/CTF Training Program will include, but not necessarily
be limited to, the following topics:
AML/CTF Policy and program
money laundering techniques and schemes;
review of the AML/CTF Act and the Associated Legislation;
the consequences of not complying with the AML/CTF Act and the
Associated Legislation, including penalties;
roles and responsibilities for this AML/CTF Policy and Program;
Customer identification procedures set out in Part B of the AML/CTF
Program;
Suspicious Matter reporting;
Threshold Transaction Reporting;
consideration of MyState obligations under other legislation including the
Privacy Act 1988 (Cth); and
record keeping under the AML/CTF Act.
10.9 Computer Based Training
Where available, all training covered by the AML/CTF Training Program will be
delivered to Officers, Employees and Agents through computer based training
programs. The training will be designed such that the Officer, Employee or
Agent reads the material and answers questions on the computer.
All Officers, Employees and Agents will be required to successfully complete
the training designated for their position. Failure to successfully complete
training covered by the AML/CTF Training Program may result in disciplinary
action.
10.10 Types of Training
MyState will provide the following training to all of its Employees and Agents:
the computer based training described in paragraph within this AML/CTF
Policy and Program.
regulatory updates and updated government lists to appropriate
Employees and Agents on an as needed basis.
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 15
MyState Limited
an internal compliance news service sent to appropriate Employees and
Agents based on information provided by Customer Owned Banking
Association (COBA).
In addition MyState will source the training from external providers to be made
available to Officers, Employees and Agents who, due to the nature of their job
responsibilities, need training in excess of that provided by MyState.
The AML/CTF Compliance Officer will approve all external training program
attendance. The relevant officer, Employee or Agent is responsible for
submitting notification of successful completion of any external training program
to the Training Officer. The Training Officer will maintain a record of this
training.
10.11 Frequency of Training
Certain Officers, Employees and Agents must undergo annual training covered
by the AML/CTF Training Program, according to a schedule determined by the
AML/CTF Compliance Officer. In response to regulatory changes the AML/CTF
Compliance Officer may mandate additional training requirements as needed.
10.12 Remedial Training
All Officers, Employees and Agents will be required to undergo remedial
training covered by the AML/CTF Training Program at the direction of the
AML/CTF Compliance Officer (and where relevant their supervisor).
An Officer, Employee or Agent will be required to undertake remedial training
covered by the AML/CTF Training Program if they fail to comply with this
AML/CTF Policy and Program.
10.13 Record Keeping
The Training Officer will maintain and monitor all training covered by the
AML/CTF Training Program. Specifically, the Training Officer will:
monitor the completion of training under the AML/CTF Training Program;
maintain documentation pertaining to testing material, schedules and
individual results for training covered by the AML/CTF Training Program.
10.14 - Updating Training Materials
Training ‘materials' are updated upon changes in regulation or law at the
direction of the AML/CTF Compliance Officer and must be reviewed regularly in
conjunction with the Training Officer.
At the discretion of the AML/CTF Compliance Officer updates may occur on a
more frequent basis. Laws and regulations, policies and procedures, technical,
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 16
MyState Limited
software and current topical issues will be considered when updating the
training covered by the AML/CTF Training Program.
11. AUSTRAC Feedback
The AML/CTF Compliance Officer is the point of contact point for AUSTRAC
when delivering any feedback on the performance of MyState management of
its ML/TF Risk.
Feedback from AUSTRAC will take the form of reports resulting from formal
inspection audits or informal communications from AUSTRAC about industry-
based or MyState specific matters.
The AML/CTF Compliance Officer is responsible for notifying the Group Risk
Committee via the Risk and Credit Committee about any AUSTRAC feedback.
The Group Risk Committee via the Risk and Credit Committee will review the
AUSTRAC feedback with regard to:
any appropriate adjustment to the ML/TF Risks considered acceptable to
MyState; and
any appropriate changes to the risk-based systems and controls MyState
has included in this AML/CTF Policy and Program.
any appropriate changes processes and procedures detailed in the Part B
of the AML/CTF Program.
The AML/CTF Compliance Officer will also ensure any AUSTRAC feedback is
included in the institution-wide ML/TF Risk assessment of MyState.
12. Ongoing Customer Due Diligence
Ongoing Customer Due Diligence ensures customers are monitored on an
ongoing basis to identify, mitigate and manage any ML/TF risk posed on
account of providing the designated services. Ongoing customer due diligence
includes the following;
12.1 Transaction Monitoring
MyState will undertake a risk-based transaction monitoring program. A
transaction monitoring program:
Includes appropriate risk-based systems and controls to monitor the
transactions of customers
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 17
MyState Limited
must identify transactions that are considered to be suspicious
should be capable of identifying complex, unusually large transactions and
unusual patterns of transactions which have no apparent economic or
visible lawful purpose.
A risk-based transaction monitoring program may include the following
elements:
risk-based processes for recognising money laundering typologies and
transaction patterns indicating suspicious behavior (for example,
customers making large, structured cash deposits, and then subsequently
transferring the funds electronically to unrelated accounts)
processes to establish customer transaction profiles that include the
customer's transaction history (for example, to identify instances where a
customer has conducted activity inconsistent with their profile)
processes to compare established customer transaction profiles against
risk-based typologies and transaction patterns
processes to assign alerts to customers identified as high risk or those
conducting transactions indicating suspicious behaviour.
MyState’s transaction monitoring program may be conducted manually or using
an automated transaction monitoring system.
12.2 Enhanced customer due diligence program
Mystate will undertake a enhanced customer due diligence (ECDD) program.
ECDD is the process of undertaking additional customer identification and
verification measures in certain circumstances deemed to be high risk.
The ECDD program details the procedures MyState must undertake:
if it determines under its risk-based systems and controls (for example,
through its transaction monitoring program) the ML/TF risk associated
with dealing with a certain customer is high
a designated service is being provided to a customer who is, or has a
beneficial owner who is, a foreign PEP
when an SMR obligation arises
if it is entering into or proposing to enter into a transaction, and one party
to the transaction is physically present in, or is a corporation incorporated
in, a prescribed foreign country.
MyState has implemented a range of ECDD procedures which are detailed in
the Customer Identification, Due Diligence & Verification Procedure and the
Fraud and Fraud and Financial Crimes Procedures
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 18
MyState Limited
13. AUSTRAC Reporting
MyState will comply with all of its reporting obligations as a reporting entity
under the AML/CTF Act and the Associated Legislation.
13.1. Threshold transactions
MyState will ensure that if a customer commences to provide, or provides, a
Designated Service to a Customer that involves a Threshold Transaction,
MyState will make a Threshold Transaction report within the applicable
timeframe.
The AML/CTF Compliance Officer will be responsible for ensuring appropriate
testing in respect of MyState threshold transaction reporting obligations and
reporting thereof.
The AML/CTF Compliance Officer will comply with requests by the AUSTRAC
CEO to give further information or produce documents relevant to the Threshold
Transaction report.
13.2. Suspicious Matter Reporting
MyState will ensure all Officers, Employees and Agents who identify
occurrences of unusual or suspicious activity must provide the suspicious
matter report to the Fraud Risk Team. The Fraud Risk Team will then undertake
the lodging of the Suspicious Matter Report with AUSTRAC.
The AML/CTF Compliance Officer will be responsible for ensuring appropriate
testing in respect of MyState suspicious matter reporting obligations and
reporting thereof.
13.3. Tipping Off
Each Officer, Employee and Agent must not provide advice or other assistance
to persons who violate, attempt to violate or avoid the AML/CTF Act, the
Associated Legislation or this AML/CTF Program – Part A.
13.4. Compliance Reporting
MyState will submit to AUSTRAC a report relating MyState’s compliance with
AML/CTF Act, the regulations and the AML/CTF Rules (‘Compliance Report’) in
accordance with AML/CTF Act.
The AML/CTF Officer will submit the AUSTRAC Annual Compliance Report in
accordance with AUSTRAC timeframes on an annual basis for each registered
designated service provider.
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 19
MyState Limited
A copy of the AUSTRAC Annual Compliance Report will be provided to the
Group Risk Committee via the Risk and Credit Committee.
The AML/CTF Compliance Officer will be responsible for:
preparing the Compliance Report;
giving it to Risk and Credit Committee;
giving it to the AUSTRAC CEO; and
For keeping and maintaining a record of the Compliance Report.
13.5. Changes to Enrolment Details and Registration Details
MyState will notify the AUSTRAC CEO of any changes to enrolment details and
registration details as per the requirements of the Act. The action will be
undertaken by the AML/CTF Compliance Officer.
14. Internal Communication
MyState will make available a copy of this AML/CTF Policy and Program and
Part B Procedures to all Officers and Employees. MyState will publish the
Money Laundering and Financing of Terrorism Part A and Part B Procedures
on the Group’s Intranet site.
This documentation will be accessible to all Officers and Employees and will be
maintained by the AML/CTF Compliance Officer. The Intranet will contain this
AML/CTF Program Part A, the most recent Money Laundering and Financing of
Terrorism communications and advisories, MyState Money Laundering and
Financing of Terrorism policies and procedures and contact information for
Money Laundering and Financing of Terrorism queries, as appropriate.
15. Record Keeping
As required by the AML/CTF Act and AML/CTF Rules, MyState must retain all
reports and records as required.
16. Review
MyState is committed to the independent review of this AML/CTF Program -
Part A. The independent review will assess:
the effectiveness of this AML/CTF Policy and Program;
whether this AML/CTF Policy and Program complies with the AML/CTF
Rules;
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 20
MyState Limited
whether this AML/CTF Policy and Program - has been effectively
implemented; and
whether MyState has complied with this AML/CTF Policy and Program.
MyState’s Independent Audit Function will conduct, at least once every three
years or as required, an audit to assess MyState’s compliance with the
AML/CTF Act, Associated Legislation, this AML/CTF Policy and Program and
as required any risk-based systems, controls, policies, procedures and training
programs which underpin this AML/CTF Policy and Program.
Following the audit, the Independent Audit function will prepare a written report
regarding the results of the evaluation. This audit report will be submitted to the
Group Risk Committee via the Risk and Credit Committee, who together will
direct such action(s) as may be required based on the audit report's findings
and ensure that any deficiencies detected are addressed and rectified.
Appropriate follow up on all identified issues requiring action is mandatory. In
the event these issues are deemed significant the implementation and
completion of these actions will be reported to the Group Risk Committee via
the Risk and Credit Committee.
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 21
MyState Limited
Version Control
Version
Number
Date
Approved
Brief Description Approver
4.0 16 July 2015 AML/CTF Program Part A and Part B Board
5.0 20 April 2017 AML/CTF Program Part A Board
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 22
MyState Limited
Annexure 1 – Definitions
AFS Licence means the Australian Financial Services Licence granted by
ASIC to MyState Bank Limited (240896), its subsidiary Connect Asset
Management Pty Ltd (289677), Tasmanian Perpetual Trustees Limited
(234630) under Part 7.6 of the Corporations Act
AML/CTF Act means the Anti-Money Laundering and Counter-Terrorism Act
2006 (Cth)
AML/CTF Compliance Officer means the Senior Manager of MyState
designated by the Board as the AML/CTF Compliance Officer in accordance
with the AML/CTF Rules
AML/CTF Compliance Report means a report lodged with the AUSTRAC
CEO in accordance with Division 5, Part 3 of the AML/CTF Act.
AML/CTF Program – Means both the AML/CTF Program - Part A and
AMLCTF Program - Part B
AML/CTF Policy and Program – Means this document which details
MyState’s AML/CTF Policy and Part A of an AML/CTF Program as Required by
the AML/CTF Act.
AML/CTF Program – Part B – Means the document that describes the
customer identification and due diligence procedures and Fraud and Financial
Crime Procedure in detail.
AML/CTF Rules means the anti-money laundering and counter-terrorism rules
made by the AUSTRAC CEO under the Anti-Money Laundering and Counter-
Terrorism Rules Instrument 2007 (No. 1) (Cth)
Associated Legislation means:
the AML/CTF Rules; and
the Financial Transaction Reports Act 1988 (Cth); and
Charter of the United Nations Act (1945) (Cth); and
Charter of United Nations (Terrorism and Dealings with Assets) Regulations 2008
(Cth); and
Criminal Code; and
Criminal Code Regulations 2002 (Cth); and
Proceeds of Crime Act 2002 (Cth).
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 23
MyState Limited
AUSTRAC means the Australian Transaction Reports and Analysis Centre
AUSTRAC CEO means the Chief Executive Officer of AUSTRAC
Beneficial Owner has the same meaning given to that term in rule 1.2.1 of the
AML/CTF Rules
Board means the board of directors of MyState Limited
Group Risk Committee means the Board committee established by the Board to
generally review the effectiveness of Risk Management Strategy and Framework
Policy Corporations Act means the Corporations Act 2001 (Cth)
Criminal Code means the Criminal Code Act 1995 (Cth)
Customer has the meaning given to that term by section 5 of the AML/CTF Act
Delivery Channel means the method by which MyState will deliver its Products
to Customers
Designated Services has the meaning given to that term by section 5 of the
AML/CTF Act
Electronic Funds Transfer Instructions has the same meaning to that term by
section 5 of the AML/CTF Act.
Employee is to be construed broadly to include, but not be limited to all
individuals who have a traditional employer/employee relationship with MyState
in either a permanent or temporary capacity. The term also includes individuals
who are performing work in a contract capacity or as a consultant to MyState.
Financing of Terrorism has the same meaning given to that term by section 5 of
the AML/CTF Act
Internal Audit Function means that part of MyState that has been established
as the internal audit function in accordance with the Australian Prudential
Regulation Authority’s Prudential Standard CPS 510 - Governance
Know your Customer Information (KYC) has the same meaning given to that
term in rule 1.2.1 of the AML/CTF Rules
Legal & Compliance Business Unit means that part of MyState that has been
established to monitor and maintain compliance measures to ensure that
Anti-Money Laundering and Counter-Terrorism Financing Policy and Program
Approved: by the Board on 20 April 2017 P a g e | 24
MyState Limited
MyState complies with all the law and regulations that may apply to it from time to
time
Locations means the foreign jurisdictions with which MyState deals
Money Laundering has the same meaning given to that term by section 5 of the
AML/CTF Act
ML/TF Risk means the risk that MyState may reasonably face that the provision
by MyState of Designated Services might (whether inadvertently or otherwise)
involve or facilitate Money Laundering or the Financing of Terrorism
MyState for the purposes of this AML/CTF Program means MyState Limited,
MyState Bank Limited and Tasmanian Perpetual Trustees Limited as well as all
other MyState Limited Group Companies and subsidiaries
Officer means an officer of MyState where the term ‘officer’ has the same
meaning given to that term by section 5 of the Corporations Act
PEP means Politically Exposed Person as defined by the Financial Action Task
Force (FATF), an international inter-governmental body (of which Australia is a
founding member) which sets standards and promotes effective implementation
of legal, regulatory and operational measures for combating money laundering,
terrorist financial and other related threats to the integrity of the international
financial system.
Products means any of the services provided by MyState that are Designated
Services
RSM means the risk scoring model developed to rate a Financial Institution’s
ML/TF Risk by customer type, product type, access channel type and employee
type, licensed for use by MyState
Senior Manager has the same meaning given to that term by section 5 of the
Corporations Act
Senior Management means the Senior Managers who are collectively
responsible for the day to day management of MyState
Suspicious Matters has the same meaning given to that term by section 5 of the
AML/CTF Act
Threshold Transaction has the same meaning given to that term by section 5 of
the AML/CTF Act